Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/SONET/0/323430343a38303a3a2f32382d3438203d3e203138313832.roa
File: 323430343a38303a3a2f32382d3438203d3e203138313832.roa (raw, json)
Hash identifier: gD1x4xXT4Z6eEJ+bwB2oDJNQCUbNjWpPyKuQClgUoNQ=
Subject key identifier: 33:2E:1D:68:5C:BB:49:57:BC:F1:B8:A5:20:DD:C4:4E:74:59:A7:61
Certificate issuer: /CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Certificate serial: 5208BC64230D364260F6E6E4FC69DFCAED29C2F7
Authority key identifier: 3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/SONET/0/323430343a38303a3a2f32382d3438203d3e203138313832.roa
Signing time: Mon 11 May 2026 16:54:30 +0000
ROA not before: Mon 11 May 2026 16:49:30 +0000
ROA not after: Mon 10 May 2027 16:54:30 +0000
asID: 18182
IP address blocks: 2404:80::/28 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:08:bc:64:23:0d:36:42:60:f6:e6:e4:fc:69:df:ca:ed:29:c2:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF
Validity
Not Before: May 11 16:49:30 2026 GMT
Not After : May 10 16:54:30 2027 GMT
Subject: CN=332E1D685CBB4957BCF1B8A520DDC44E7459A761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2e:08:e3:43:00:cb:8d:dc:2d:5b:b0:83:69:
43:a3:92:78:5d:c4:e0:c0:05:29:52:cc:28:14:fe:
b6:87:a4:8c:1b:7b:fb:17:4e:ff:96:b9:7c:dc:da:
a0:56:a2:dd:76:e2:56:dc:b0:12:7e:22:ba:7f:78:
7d:6f:b0:87:ee:90:9e:c5:9f:5f:79:dc:dc:8b:26:
62:c3:2a:f3:94:de:12:2d:66:02:54:be:0f:9c:84:
c9:ea:ea:bb:f1:28:0e:91:2c:98:3b:35:d3:e0:26:
7f:6b:48:5d:64:55:2b:b8:59:55:87:a7:c8:96:f7:
db:ab:6f:da:67:b1:ef:f8:8f:b2:28:83:37:9b:03:
7b:02:72:29:ec:21:c3:e2:0e:b2:0e:73:53:be:f9:
e4:c7:d1:c6:1d:07:92:9d:52:80:c8:9c:98:6c:0b:
40:bf:4a:b3:0a:3b:c6:d4:1e:d4:c7:c7:8e:a8:e6:
06:98:9b:66:de:04:85:da:93:7c:d8:f2:a2:91:60:
d0:f9:f2:99:50:ca:56:61:33:56:c5:62:8d:e2:bd:
e9:78:ab:fb:fe:f0:80:46:3b:ac:0f:de:e2:d2:79:
d9:36:5c:77:29:fc:6c:57:f4:12:07:08:ea:40:b9:
e5:d4:92:f9:f4:09:57:0e:77:2b:81:95:6d:ca:f3:
35:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:2E:1D:68:5C:BB:49:57:BC:F1:B8:A5:20:DD:C4:4E:74:59:A7:61
X509v3 Authority Key Identifier:
keyid:3F:6D:33:C9:B3:9C:FC:95:0A:2D:3D:BC:78:13:1E:1A:AF:8C:C8:EF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/SONET/0/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1/3F6D33C9B39CFC950A2D3DBC78131E1AAF8CC8EF.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/SONET/0/323430343a38303a3a2f32382d3438203d3e203138313832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2404:80::/28
Signature Algorithm: sha256WithRSAEncryption
5c:c0:8f:e7:0a:dc:6c:ac:01:1e:e7:37:fb:4b:70:12:10:9f:
47:32:0a:6e:5a:6a:9a:bb:38:75:c4:f6:a0:3b:49:b9:ef:50:
d2:45:75:ce:bf:7d:91:93:e1:3e:ba:e7:d9:48:37:8c:03:c2:
99:e7:84:18:85:71:6f:90:4a:4b:0d:f4:99:ba:80:0b:34:0b:
f3:b9:4b:29:ea:4e:05:c8:34:5d:45:4a:64:c0:dd:ac:a5:86:
cb:f9:09:06:21:8d:ea:ee:2e:aa:f1:84:ca:c4:bc:2e:59:d0:
44:2a:de:0a:c8:d5:d2:2c:76:e2:6e:df:fd:fe:45:ce:b8:76:
93:a0:dd:a1:69:65:65:f2:53:cc:03:67:54:cc:e7:38:52:58:
76:3d:05:ca:54:9a:c4:88:18:12:cb:18:6b:cd:e4:ff:48:a2:
d4:9d:eb:09:bb:cd:1e:45:4d:19:44:34:b9:15:89:3b:c7:75:
4a:10:88:8f:38:5e:50:73:24:93:8e:7a:b6:74:14:c2:fb:1b:
ad:91:69:8a:0f:51:3b:92:63:75:38:5a:b2:60:db:9e:d8:1c:
6f:74:fe:5c:b0:40:1e:c4:be:14:1f:66:58:a3:80:23:be:bb:
c5:f4:4f:b6:1e:67:9f:cd:99:e0:1b:0c:39:83:22:7d:59:b3:
dc:29:8a:8b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgIUUgi8ZCMNNkJg9ubk/Gnfyu0pwvcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Y2RDMzQzlCMzlDRkM5NTBBMkQzREJDNzgxMzFFMUFB
RjhDQzhFRjAeFw0yNjA1MTExNjQ5MzBaFw0yNzA1MTAxNjU0MzBaMDMxMTAvBgNV
BAMTKDMzMkUxRDY4NUNCQjQ5NTdCQ0YxQjhBNTIwRERDNDRFNzQ1OUE3NjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfLgjjQwDLjdwtW7CDaUOjknhd
xODABSlSzCgU/raHpIwbe/sXTv+WuXzc2qBWot124lbcsBJ+Irp/eH1vsIfukJ7F
n1953NyLJmLDKvOU3hItZgJUvg+chMnq6rvxKA6RLJg7NdPgJn9rSF1kVSu4WVWH
p8iW99urb9pnse/4j7IogzebA3sCcinsIcPiDrIOc1O++eTH0cYdB5KdUoDInJhs
C0C/SrMKO8bUHtTHx46o5gaYm2beBIXak3zY8qKRYND58plQylZhM1bFYo3ivel4
q/v+8IBGO6wP3uLSedk2XHcp/GxX9BIHCOpAueXUkvn0CVcOdyuBlW3K8zXJAgMB
AAGjggHcMIIB2DAdBgNVHQ4EFgQUMy4daFy7SVe88bilIN3ETnRZp2EwHwYDVR0j
BBgwFoAUP20zybOc/JUKLT28eBMeGq+MyO8wDgYDVR0PAQH/BAQDAgeAMGIGA1Ud
HwRbMFkwV6BVoFOGUXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvU09ORVQv
MC8zRjZEMzNDOUIzOUNGQzk1MEEyRDNEQkM3ODEzMUUxQUFGOENDOEVGLmNybDBv
BggrBgEFBQcBAQRjMGEwXwYIKwYBBQUHMAKGU3JzeW5jOi8vcnBraWNhLnR3bmlj
LnR3L3Jwa2kvVFdOSUNDQS8xLzNGNkQzM0M5QjM5Q0ZDOTUwQTJEM0RCQzc4MTMx
RTFBQUY4Q0M4RUYuY2VyMHUGCCsGAQUFBwELBGkwZzBlBggrBgEFBQcwC4ZZcnN5
bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9TT05FVC8wLzMyMzQzMDM0M2EzODMw
M2EzYTJmMzIzODJkMzQzODIwM2QzZTIwMzEzODMxMzgzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFBCQE
AIAwDQYJKoZIhvcNAQELBQADggEBAFzAj+cK3GysAR7nN/tLcBIQn0cyCm5aapq7
OHXE9qA7SbnvUNJFdc6/fZGT4T6659lIN4wDwpnnhBiFcW+QSksN9Jm6gAs0C/O5
SynqTgXINF1FSmTA3aylhsv5CQYhjeruLqrxhMrEvC5Z0EQq3grI1dIsduJu3/3+
Rc64dpOg3aFpZWXyU8wDZ1TM5zhSWHY9BcpUmsSIGBLLGGvN5P9IotSd6wm7zR5F
TRlENLkViTvHdUoQiI84XlBzJJOOerZ0FML7G62RaYoPUTuSY3U4WrJg257YHG90
/lywQB7EvhQfZlijgCO+u8X0T7YeZ5/NmeAbDDmDIn1Zs9wpios=
-----END CERTIFICATE-----
Generated at Wed May 13 02:18:59 2026 by rpki-client